Описание
Security update for subversion
This update for subversion to version 1.10.6 fixes the following issues:
Security issues fixed:
- CVE-2018-11782: Fixed a remote denial of service in svnserve 'get-deleted-rev' (bsc#1142743).
- CVE-2019-0203: Fixed a remote, unauthenticated denial of service in svnserve (bsc#1142721).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.0
libsvn_auth_gnome_keyring-1-0-1.10.6-lp151.4.3.1
libsvn_auth_kwallet-1-0-1.10.6-lp151.4.3.1
subversion-1.10.6-lp151.4.3.1
subversion-bash-completion-1.10.6-lp151.4.3.1
subversion-devel-1.10.6-lp151.4.3.1
subversion-perl-1.10.6-lp151.4.3.1
subversion-python-1.10.6-lp151.4.3.1
subversion-python-ctypes-1.10.6-lp151.4.3.1
subversion-ruby-1.10.6-lp151.4.3.1
subversion-server-1.10.6-lp151.4.3.1
subversion-tools-1.10.6-lp151.4.3.1
openSUSE Leap 15.1
libsvn_auth_gnome_keyring-1-0-1.10.6-lp151.4.3.1
libsvn_auth_kwallet-1-0-1.10.6-lp151.4.3.1
subversion-1.10.6-lp151.4.3.1
subversion-bash-completion-1.10.6-lp151.4.3.1
subversion-devel-1.10.6-lp151.4.3.1
subversion-perl-1.10.6-lp151.4.3.1
subversion-python-1.10.6-lp151.4.3.1
subversion-python-ctypes-1.10.6-lp151.4.3.1
subversion-ruby-1.10.6-lp151.4.3.1
subversion-server-1.10.6-lp151.4.3.1
subversion-tools-1.10.6-lp151.4.3.1
Ссылки
- E-Mail link for openSUSE-SU-2019:1910-1
- SUSE Security Ratings
- SUSE Bug 1142721
- SUSE Bug 1142743
- SUSE CVE CVE-2018-11782 page
- SUSE CVE CVE-2019-0203 page
Описание
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.
Затронутые продукты
openSUSE Leap 15.0:libsvn_auth_gnome_keyring-1-0-1.10.6-lp151.4.3.1
openSUSE Leap 15.0:libsvn_auth_kwallet-1-0-1.10.6-lp151.4.3.1
openSUSE Leap 15.0:subversion-1.10.6-lp151.4.3.1
openSUSE Leap 15.0:subversion-bash-completion-1.10.6-lp151.4.3.1
Ссылки
- CVE-2018-11782
- SUSE Bug 1142743
Описание
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.
Затронутые продукты
openSUSE Leap 15.0:libsvn_auth_gnome_keyring-1-0-1.10.6-lp151.4.3.1
openSUSE Leap 15.0:libsvn_auth_kwallet-1-0-1.10.6-lp151.4.3.1
openSUSE Leap 15.0:subversion-1.10.6-lp151.4.3.1
openSUSE Leap 15.0:subversion-bash-completion-1.10.6-lp151.4.3.1
Ссылки
- CVE-2019-0203
- SUSE Bug 1142721